Sophos recommends ‘walled garden’ to Facebook

Sophos suggests Facebook could adopt Apple's "walled garden" approach to apps to better protect its users.


Facebook has defended its security efforts after a report suggested it should follow Apple's "walled garden" approach to apps.

Security firm Sophos said the closed Apple approach "has proven effective in protecting users from maliciously crafted applications."

A Sophos poll carried out amongst Facebook users found 95.51 per cent of users agreed the Apple approach would be better for security.

Facebook said it has extensive controls so when a users wants to add an application it only gets access to "very limited data" and the user needs to approve each additional type of data.

Advertisement - Article continues below
Advertisement - Article continues below

"We have a dedicated team that does robust review of all third-party applications, using a risk-based approach," a spokesperson for the social networking giant said.

"So, that means that we first look at velocity/number of users/types of data shared, and prioritise. This ensures that the team is focused on addressing the biggest risks, rather than just doing a cursory review at the time that an app is first launched."

Facebook said it acts fast to remove or sanction any potentially malicious applications before they gain access to user data. In some cases the company said it will go as far as to bring in law enforcement.

The Sophos report also indicated security threats had risen across social networks, including Facebook.

"Rogue applications, clickjacking, survey scams all unheard of just a couple of years ago, are now popping up on a daily basis on social networks such as Facebook," said Graham Cluley, senior technology consultant at Sophos.

"Why aren't Faceboook and other social networks doing more to prevent spam and scams in the first place?"

Advertisement - Article continues below

The survey showed two-fifths of respondents had been sent malware over social networking sites, representing a 90 per cent increase since summer 2009.

Eight in 10 respondents said Facebook posed the biggest risk to the security of their systems.

Facebook again defended its record in securing users from the likes of spam and malicious software.

"As a result of our efforts, the data we have on interactions of more than 500 million people using Facebook shows that spam, malware and other attacks have decreased in their effectiveness - the opposite conclusion reached by a security vendor," the Facebook spokesperson said.

Advertisement - Article continues below

"It's much more important to measure effectiveness than it is to measure volume. If your spam filter catches all the spam, does it matter that your filter caught 10 per cent more?"

Facebook was involved in another privacy debate this week, as users and security professionals complained about a feature allowing developers to access user phone numbers and addresses.

Advertisement - Article continues below

Facebook removed the feature, saying it wanted to ensure users were only giving away data they wanted to hand over to third parties.

An updated version of the feature is expected to appear in the coming weeks.

IT PRO, meanwhile, has discovered photos with privacy restrictions on them could easily be spread across the internet without users' knowledge.

By simply right clicking and selecting copy image location' on a photo, anyone can then paste the URL to share it with unauthorised users, even those not on Facebook.

Featured Resources

How inkjet can transform your business

Get more out of your business by investing in the right printing technology

Download now

Journey to a modern workplace with Office 365: which tools and when?

A guide to how Office 365 builds a modern workplace

Download now

Modernise and transform your sales organisation

Learn how a modernised sales process can drive your business

Download now

Your guide to managing cloud transformation risk

Realise the benefits. Mitigate the risks

Download now



Hackers abuse LinkedIn DMs to plant malware

25 Feb 2019
internet security

Facebook exec calls Cambridge Analytica scandal a "non event"

8 Jan 2020

Best free malware removal tools 2019

23 Dec 2019
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Most Popular

cloud computing

Google Cloud snaps up multi-cloud analytics platform for $2.6bn

13 Feb 2020

How to use Chromecast without Wi-Fi

5 Feb 2020
Microsoft Azure

Microsoft Azure is a testament to Satya Nadella’s strategic nouse

14 Feb 2020
operating systems

How to fix a stuck Windows 10 update

12 Feb 2020